I just wrote the article "How to combine Java and ASP.NET to use both". That article was for beginners, so I wanted to write something for intermediate ASP users. In this article, I am going to talk about access control in ASP.NET.
Control access to resources in ASP.NET
Sometimes access to a website should be limited, for various reasons: the developer wants only subscribed users to use some resources, or users must meet specific requirements. Even when access is limited, some pages should always remain visible to guests so that the site can present its purpose and contents. Managing users' rights to access a site's resources is called authorization. Building authorization requires that users be authenticated first, so in explaining how to build authorization we assume that a complete authentication system is already in place.
Defining Authentication
Authorization can be defined in several ways, depending on the point of view. It can be done statically in the web configuration file or dynamically in the code-behind. Authorization can be based on users, on user roles, or on both. Storing and managing user roles can be done by the built-in providers or by any custom-built role provider.
Authorization basically consists of rules. Rules describe whom they apply to and which resources they cover. Here are some examples coded in the web configuration file. Under Forms authentication, users that do not match the specified rules are redirected to the login page.
    <authorization>
      <deny users="?" />
    </authorization>

This means that unauthenticated users are denied.
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>

This means unauthenticated users are denied, all other users are allowed.
    <authorization>
      <deny users="?" />
      <deny users="john" />
      <deny users="nelly" />
      <allow users="*" />
    </authorization>

This denies unauthenticated users along with the specified users. The named users can also be put in one rule as a comma-separated list.
Instead of defining rules that cover the whole site's resources, rules can be applied only to particular pages or to a directory with resources.
Directory authorization can be done by placing another web configuration file in the directory and/or in every subdirectory. Note that whether a user is denied or allowed access to the resources in the top directory can be changed for a subdirectory.
    <location path="SomePage.aspx">
      <system.web>
        <authorization>
          <deny users="?" />
        </authorization>
      </system.web>
    </location>

Role authorization
Sometimes site administration is quite a difficult task because of the large number of users and their tasks on the site. For example, sites can have the following groups of users: administrators, project managers, ordinary users and guests. Programming authorization rules for each individual user is difficult. This is where the role management introduced in ASP.NET 2.0 comes in, which is closely connected with Membership (not discussed in this article). From here on we'll assume that custom or built-in membership authentication is applied to the site. In Windows authentication, roles are automatically available. To use role services with the built-in SQL role provider, enable role services through the security wizard in VS 2005 and select the SQL provider as the role management store; a database called ASPNETDB.mdb will be created automatically.
After roles are enabled and authentication is built, there are a couple of ways to define role authorization.
    <authorization>
      <deny users="?" />
      <allow roles="Manager, Supervisor" />
      <deny users="*" />
    </authorization>

Deny all unauthenticated users, allow only Managers and Supervisors, deny any other users.
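The rules above combined into one root web.config, as an added example that is not from the original article; Login.aspx, Default.aspx and the Admin directory are assumed names. ASP.NET reads authorization rules top to bottom and applies the first one that matches, and rules for a specific path are read before the site-wide ones, which is why the commented-out ordering protects nothing.

```xml
<?xml version="1.0"?>
<!-- Added example. Login.aspx, Default.aspx and Admin are assumed names. -->
<configuration>
  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx" />
    </authentication>
    <roleManager enabled="true" />
    <!-- Site-wide default: anonymous users ("?") are sent to the login page. -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- One page stays visible to guests. This rule is read before the
       site-wide deny, so it wins for Default.aspx only. -->
  <location path="Default.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- WEAK ordering, kept commented out: allow users="*" matches every
       request first, so the deny rule below it is never reached. -->
  <!--
  <location path="Admin">
    <system.web>
      <authorization>
        <allow users="*" />
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
  -->

  <!-- CORRECTED: deny guests, name the roles that may enter,
       then deny everyone else. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <deny users="?" />
        <allow roles="Manager,Supervisor" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```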
To check users in the code-behind, use something like:
    if (User.IsInRole("Administrators"))
    {
        // allow something
    }
    else
    {
        // Don't allow. Instead, redirect to the restriction page.
        Response.Redirect("Restricted.aspx");
    }